aboutsummaryrefslogtreecommitdiffstats
path: root/plugins
Commit message (Collapse)AuthorAgeFilesLines
* Merge 0.11->trunkMatthew Wild2020-09-291-76/+106
|\
| * mod_websocket: Refactor frame validity checking, also check ↵Matthew Wild2020-09-291-77/+95
| | | | | | | | partially-received frames against constraints
| * mod_websocket: Continue to process data already in the buffer after an error ↵Matthew Wild2020-09-281-1/+1
| | | | | | | | | | | | | | | | | | | | occurs Previously any error, or even a normal websocket close frame, would return early, leaving potentially entire frames in the buffer unprocessed and then discarded. This change stops processing new data, but returns an existing processed data up to the point of the error/close.
| * mod_websocket: Enforce stanza size limit and close streamMatthew Wild2020-09-171-0/+4
| |
| * mod_websocket: Add separate limit for frame buffer sizeMatthew Wild2020-09-171-2/+2
| |
| * mod_websocket: handle full frame buffer and raise stream errorMatthew Wild2020-09-171-1/+5
| |
| * mod_websocket: Switch partial frame buffering to util.dbufferMatthew Wild2020-09-171-3/+8
| | | | | | | | | | This improves performance and enforces stanza size limits earlier in the pipeline.
| * mod_s2s: Escape invalid XML in loggin (same way as mod_c2s) fix #15740.11.6Kim Alvefur2020-08-011-2/+1
| |
* | mod_http: Silence warnings when running under prosodyctlMatthew Wild2020-09-111-2/+4
| |
* | mod_posix: Daemonize laterKim Alvefur2020-09-081-3/+1
| | | | | | | | | | Daemonizing later means we can use that as a "successful startup" signal and problems can be reported via exit code.
* | MUC: Don't default room name to JID localpart (API breaking change)Kim Alvefur2020-08-292-6/+14
| | | | | | | | | | | | | | | | | | | | | | | | | | Behavior with turning empty name into localpart was originally introduced in 711eb5bf94b4 This has caused some problems for clients, making it difficult to differentiate between a room actually named like the localpart from a room without a name. Breaking: The function signature of the :get_name() method changes from always returning a string to optional string.
* | mod_posix: Remove ancient undocumented user switchingKim Alvefur2020-08-241-31/+4
| | | | | | | | | | | | | | | | | | | | | | | | | | | | User switching has been done by prosodyctl or init scripts for a very long time now, so this is not needed. Using this would not have worked with module reloading (e.g. to reload certificates) since ports are closed and re-bound, which would then not be allowed. Today there exists better ways to grant low ports, i.e. capabilities(7) <Zash> Why do we have this? <MattJ> Remove it
* | mod_admin_shell: Report CSI queue length from mod_csi_simpleKim Alvefur2020-08-221-1/+5
| |
* | mod_admin_shell: Report CSI state in c2s:show()Kim Alvefur2020-08-221-0/+3
| |
* | mod_external_services: Validate services added via eventsKim Alvefur2020-08-171-0/+14
| | | | | | | | | | | | | | | | | | | | | | | | While writing developer documentation it became obvious that i was silly to have one item format for config and items API, and another format for the event API. Then there's the stanza format, but that's a common pattern. This change reduces the possible input formats to two and allows other modules the benefit of the processing and validation performed on items from the config.
* | mod_external_services: Allow specifying a credential generation callbackKim Alvefur2020-07-251-1/+1
| | | | | | | | | | This is especially targeted at services added via the items API. More involved credential generation should use the event hook.
* | mod_external_services: Prepare to allow more credential algorithmsKim Alvefur2020-07-251-13/+25
| | | | | | | | | | | | Not sure what algorithms might fit here. Separation makes some sense. This is also a preparation for having a callback. (See next commit)
* | mod_external_services: Support adding services via items APIKim Alvefur2020-07-251-2/+4
| |
* | mod_external_services: XEP-0215: External Service DiscoveryKim Alvefur2020-07-181-0/+205
| |
* | mod_component: Return extended error condition when not connectedKim Alvefur2020-04-131-1/+2
| | | | | | | | This might be something to write a XEP about.
* | mod_component: Reply with a different error when not connectedKim Alvefur2020-04-131-1/+1
| | | | | | | | | | | | | | | | | | The wait, service-unavailable is overloaded by XEP-0045 to mean that the room has reached the maximum number of users. See #1495. Bouncing errors for components is tricky since there is no way to tell that it comes from the server hosting the component, not from the other end of the component connection.
* | mod_net_multiplex: Set read size/mode to that of the target listenerKim Alvefur2020-08-021-0/+3
| | | | | | | | | | Otherwise it would use the configured buffer size, or previously '*a'. Using the read size set by the listener seems more sensible.
* | mod_net_multiplex: Read no more than the max buffer size settingKim Alvefur2020-08-021-1/+1
| | | | | | | | | | Otherwise the '*a' read mode applies, which under certain circumstances can read infinite amounts of data into memory.
* | mod_http: Add way to signal that a module supports streaming uploadsKim Alvefur2020-08-011-1/+3
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Fixes #726 API: module:provides("http", { streaming_uploads = true; route = { PUT = function (event) event.request.body_sink = io.tmpfile(); return true; end } })
* | net.http.parser: Allow specifying sink for large request bodiesKim Alvefur2020-08-011-0/+9
| | | | | | | | | | | | | | This enables uses such as saving uploaded files directly to a file on disk or streaming parsing of payloads. See #726
* | mod_register: Add a dependency on mod_watchregistrationsEmmanuel Gil Peyrot2020-06-291-0/+1
| | | | | | | | | | Spammers are a big hassle, hopefully this will make admins aware of them sooner than when they’ve already spammed a bunch.
* | mod_proxy65: Limit dump of invalid data to 300 bytes (like mod_c2s)Kim Alvefur2020-07-171-2/+2
| |
* | mod_proxy65: Log invalid greetings escaped instead of as base64Kim Alvefur2020-07-161-3/+2
| | | | | | | | | | Makes it easier to see human-readable parts and thus identifying the garbage. Also consistent with mod_c2s and others.
* | mod_server_contact_info: Add status-addresses fieldKim Alvefur2020-05-271-0/+1
| | | | | | | | XEP-0157 version 1.1.0
* | mod_storage_sql: Measure hits/misses on the item count cacheKim Alvefur2020-07-021-0/+7
| | | | | | | | | | A cache miss can be expensive so having numbers on how often this occurs may be valuable.
* | mod_admin_shell: Handle server_epoll using monotonic time internallyKim Alvefur2020-06-301-2/+9
| |
* | mod_admin_shell: Fix debug:timers to handle net.server native timersKim Alvefur2020-06-291-6/+16
| |
* | mod_register_ibr: Add event for successful password resetMatthew Wild2020-06-221-0/+1
| | | | | | | | | | | | | | | | This is in addition to the existing event for password changes. This one includes additional details about the actor, and only triggers when the change is due to the account owner (presumably) resetting. As example use case is to invalidate one-time password reset tokens.
* | Merge 0.11->trunkKim Alvefur2020-06-211-3/+0
|\|
| * mod_muc_mam: Don't strip MUC <x> tags, fix #1567Kim Alvefur2020-06-211-3/+0
| |
* | mod_register_ibr: Allow registration to reset an existing account password ↵Matthew Wild2020-06-181-6/+19
| | | | | | | | if permitted by a plugin
* | mod_admin_shell: Update for async.wait_for renameKim Alvefur2020-06-131-2/+2
| |
* | mod_storage_internal, mod_storage_memory: Add support for query.beforeMatthew Wild2020-06-122-4/+10
| | | | | | | | Previously returned all results.
* | mod_storage_sql: Fix incorrect results when fetching items before specific ↵Matthew Wild2020-06-121-1/+1
| | | | | | | | | | | | archive id Copy/paste error, introduced in deb68066c7aa
* | mod_http: Support CIDR for trusted proxies.Boris Grozev2020-06-101-1/+16
| |
* | mod_admin_shell: Fix display of units for some statisticsKim Alvefur2020-06-071-1/+1
| |
* | Merge 0.11->trunkKim Alvefur2020-06-063-2/+25
|\|
| * mod_auth_internal_*: Apply saslprep to passwordsKim Alvefur2020-05-233-2/+25
| | | | | | | | Related to #1560
* | mod_admin_shell: Skip multiplier adjustment for ratesKim Alvefur2020-06-041-2/+3
| |
* | mod_admin_shell: Format stats with util.human.unitsKim Alvefur2020-06-031-36/+36
| |
* | mod_s2s: Move out of empty directoryKim Alvefur2020-06-021-0/+0
| | | | | | | | | | mod_s2s.lua had been all alone in there since the removal of s2sout.lib.lua in 756b8821007a
* | mod_admin_shell: Fix error due to float passed to os.date in Lua 5.3Kim Alvefur2020-06-021-4/+4
| | | | | | | | Thanks Martin
* | mod_admin_socket: Use module API meant for file pathsKim Alvefur2020-06-011-1/+1
| | | | | | | | | | Makes it so that a relative path in the config becomes relative to the data directory.
* | mod_vcard_legacy: Fix publishing vcard without avatarKim Alvefur2020-06-011-6/+8
| |
* | mod_vcard_legacy: Remove semi-broken support for multiple avatarsKim Alvefur2020-06-011-34/+28
| | | | | | | | | | | | | | | | | | Nobody does this. If someone wants to they should go use the PEP method directly instead. Additionally, this got in the way of doing multiple avatars The PEP Way, since it treated each 'data' as a distinct avatar with an optional corresponding 'metadata', which is not how it works.